Google has been working hard to protect its users from malicious web pages, and also to help webmasters keep their websites clean. When we find malicious content on websites, we attempt to notify their webmasters via email about the bad URLs. There is even a Webmaster Tools feature that helps webmasters identify specific malicious content that has been surreptitiously added to their sites, so that they can clean up their site and help prevent it from being compromised in the future.

Today, we’re happy to announce Google Safe Browsing Alerts for Network Administrators -- an experimental tool which allows Autonomous System (AS) owners to receive early notifications for malicious content found on their networks. A single network or ISP can host hundreds or thousands of different websites. Although network administrators may not be responsible for running the websites themselves, they have an interest in the quality of the content being hosted on their networks. We’re hoping that with this additional level of information, administrators can help make the Internet safer by working with webmasters to remove malicious content and fix security vulnerabilities.

Nice service. Unfortunately at the moment I am not able to register AS which is assigned by RIPE (resolved as ASN-BLKRIPEX) although the detailed information is present in the RIPE whois. Hopefully it will be resolved soon.

looks very useful but there are a lot of little isp which do not own an AS and host some hundred of web pages (because they just have rent a couple of servers in any datacenter) that would like to get this kind of alerts. Would be good to have this tool also available per given ip addresses

Individual webmasters, even those with hundreds of domains, should use the existing e-mail alerts. Doing it via IP would be a problem for shared hosting providers, who may have hundreds to thousands of unrelated domains on 1 IP.

It would be really great if we could sign up for these alerts without using a Google account (e.g. just using the abuse handle for our AS). Personal Google accounts are tied to employees, who may not be affiliated with the AS's abuse desk forever.

Brent: Yet, Google, has, twice now, listed a whole bunch of our client domains because of one false positive issue with one domain, because they're hosted on the same IP. So Google is clearly doing some part of this on an IP address basis. Maybe cross checking for other FQDNs hosted on the same IP address.

I received an email. The address was my Cousins email Address.But it had no name of the sender. The address was same but the only difference was The original Emails i received from my cousin had his name in it and the fake one had only the same email address but no name of sender or any signature. How can this happen?What has happened in this situation?

looks very useful but there are a lot of little isp which do not own an AS and host some hundred of web pages (because they just have rent a couple of servers in any datacenter) that would like to get this kind of alerts. Would be good to have this tool also available per given ip addresses like Mobil Keluarga Ideal Terbaik Indonesia